[ On Tuesday, September 16, 2003 at 12:29:52 (+0930), Brett Lymn wrote: ]
> Subject: Re: static linking for NetBSD
>
> Feh - use verified exec then.
I'd still like to see a proper mathematical proof of that concept which
includes coverage of the bootstrap issue.
There are just too many catch-22's in it for me to believe it does
anything more than obfuscate the real problems and just provide a false
sense of security.
The parmount rule of software security is still: K.I.S.S.
Checking what amounts to the same thing twice doesn't seem to add any
assurance to me, and instead it only seems to add unnecessary complexity.
--
Greg A. Woods
+1 416 218-0098 VE3TCP RoboHack <woods@robohack.ca>
Planix, Inc. <woods@planix.com> Secrets of the Weird <woods@weird.com>